/*
 * <p>Company: Copyright (c) 2018. yuke All Rights Reserved. </br> </p>
 * <p>Title：yukemall </br> </p>
 * <p>com.yuke.cloud.monitor Description TODO </br> </p>
 * @Author wg
 * @Date   2018/9/1 14:11
 */

package com.yuke.cloud.monitor;

import de.codecentric.boot.admin.server.config.AdminServerProperties;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.authentication.SavedRequestAwareAuthenticationSuccessHandler;

@Configuration
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    //add by wg 20180922
    private final String adminContextPath;

    public WebSecurityConfig(AdminServerProperties adminServerProperties) {
        this.adminContextPath = adminServerProperties.getContextPath();
    }

    /**
     * Configure.
     *
     * @param http the http
     *
     * @throws Exception the exception
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
//        http.headers().frameOptions().disable()
//                .and()
//                .formLogin()
//                .loginPage("/login.html")
//                .loginProcessingUrl("/login")
//                .and()
//                .logout().logoutUrl("/logout")
//                .and()
//                .csrf().disable()
//                .authorizeRequests()
//                .antMatchers("/api/**", "/applications/**", "/api/applications/**", "/login.html", "/**/*.css", "/img/**", "/third-party/**", "/asset/img/**")
//                .permitAll()
//                .anyRequest().authenticated();
//        http.httpBasic().disable();  //add by wg 20180921 关闭basic认证


        SavedRequestAwareAuthenticationSuccessHandler successHandler = new SavedRequestAwareAuthenticationSuccessHandler();
        successHandler.setTargetUrlParameter("redirectTo");

        http.authorizeRequests()
                .antMatchers(adminContextPath + "/assets/**").permitAll()
                .antMatchers(adminContextPath + "/login").permitAll()
                .antMatchers(adminContextPath + "/api/**").permitAll()
                .antMatchers(adminContextPath + "/applications/**").permitAll()
                .antMatchers(adminContextPath + "/api/applications/**").permitAll()
                .antMatchers(adminContextPath + "/login.html").permitAll()
                .antMatchers(adminContextPath + "/**/*.css").permitAll()
                .antMatchers(adminContextPath + "/img/**").permitAll()
                .antMatchers(adminContextPath + "/third-party/**").permitAll()
                //.antMatchers(adminContextPath + "/hystrix/**").permitAll()
                .anyRequest().authenticated()
                .and()
                .formLogin().loginPage(adminContextPath + "/login").successHandler(successHandler).and()
                .logout().logoutUrl(adminContextPath + "/logout").and()
                .httpBasic().and()
                .csrf().disable();
        //http.httpBasic().disable();  //add by wg 20180921 关闭basic认证
    }
}
